ManoMano Data Breach: Customer Support Subcontractor Targeted in January 2026 Cyberattack
French DIY e-commerce giant ManoMano has disclosed a data breach affecting customers who interacted with its support service. The incident, traced to a cyberattack on a third-party subcontractor in January 2026, resulted in the theft of personal data, though financial and login credentials remain secure.
What Happened?
Hackers compromised a subcontractor managing ManoMano’s customer support, gaining unauthorized access to records of clients who had contacted the service. The stolen data includes:
- Names
- Email addresses
- Phone numbers
- Conversation histories
Critically, passwords and banking details were not exposed, as ManoMano does not store such information with the subcontractor.
Response & Mitigation
Upon detecting the breach, ManoMano’s cybersecurity team disabled the compromised account and launched an internal investigation to assess the scope of the incident. The company has notified:
- CNIL (France’s data protection authority)
- ANSSI (National Cybersecurity Agency)
- Urgence Cyber Île-de-France (regional cybersecurity response platform)
ManoMano has also set up a dedicated helpline (+33(1) 87 52 80 89) for affected customers and warned of potential phishing attempts, as attackers may use the stolen data to craft convincing scams via email, SMS, or phone calls.
Impact & Risks
While no immediate financial fraud has been reported, the breach heightens the risk of social engineering attacks, with cybercriminals leveraging the stolen details to impersonate ManoMano or its partners. Customers are advised to verify sender addresses before engaging with communications and avoid sharing sensitive information without confirmation of legitimacy.
The incident underscores the supply chain vulnerabilities in cybersecurity, as attackers increasingly target third-party vendors to bypass primary defenses. ManoMano continues to reinforce security measures across its subcontractor network to prevent future breaches.
ManoMano TPRM report: https://www.rankiteo.com/company/manomano
"id": "man1771259135",
"linkid": "manomano",
"type": "Breach",
"date": "1/2026",
"severity": "85",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"{'affected_entities': [{'customers_affected': 'Customers who interacted with '
'support service',
'industry': 'DIY/Retail',
'location': 'France',
'name': 'ManoMano',
'type': 'E-commerce'}],
'attack_vector': 'Third-party subcontractor compromise',
'customer_advisories': 'Warned of potential phishing attempts; advised to '
'verify sender addresses and avoid sharing sensitive '
'information without confirmation.',
'data_breach': {'data_exfiltration': True,
'personally_identifiable_information': True,
'sensitivity_of_data': 'Personal data (non-financial, '
'non-login credentials)',
'type_of_data_compromised': ['Names',
'Email addresses',
'Phone numbers',
'Conversation histories']},
'date_detected': '2026-01',
'description': 'French DIY e-commerce giant ManoMano disclosed a data breach '
'affecting customers who interacted with its support service. '
'The incident, traced to a cyberattack on a third-party '
'subcontractor in January 2026, resulted in the theft of '
'personal data, though financial and login credentials remain '
'secure.',
'impact': {'brand_reputation_impact': 'Potential reputational damage due to '
'phishing risks',
'data_compromised': 'Names, email addresses, phone numbers, '
'conversation histories',
'identity_theft_risk': 'Heightened risk of social engineering '
'attacks',
'payment_information_risk': 'None (banking details not exposed)',
'systems_affected': 'Customer support subcontractor systems'},
'investigation_status': 'Ongoing',
'lessons_learned': 'Supply chain vulnerabilities in cybersecurity; attackers '
'increasingly target third-party vendors to bypass primary '
'defenses.',
'post_incident_analysis': {'corrective_actions': 'Disabled compromised '
'account; launched internal '
'investigation; reinforced '
'security measures across '
'subcontractor network',
'root_causes': 'Compromise of third-party '
'subcontractor managing customer '
'support'},
'recommendations': 'Reinforce security measures across subcontractor network; '
'verify sender addresses before engaging with '
'communications; avoid sharing sensitive information '
'without confirmation of legitimacy.',
'references': [{'source': 'ManoMano Disclosure'}],
'regulatory_compliance': {'regulatory_notifications': ['CNIL',
'ANSSI',
'Urgence Cyber '
'Île-de-France']},
'response': {'communication_strategy': 'Notified CNIL, ANSSI, and Urgence '
'Cyber Île-de-France; set up dedicated '
'helpline (+33(1) 87 52 80 89); warned '
'customers of phishing risks',
'containment_measures': 'Disabled the compromised account',
'incident_response_plan_activated': True,
'remediation_measures': 'Internal investigation, security '
'reinforcement across subcontractor '
'network'},
'stakeholder_advisories': 'Notified CNIL, ANSSI, and Urgence Cyber '
'Île-de-France.',
'title': 'ManoMano Data Breach: Customer Support Subcontractor Targeted in '
'January 2026 Cyberattack',
'type': 'Data Breach'}